[Koha-bugs] [Bug 16892] Add automatic patron registration via OAuth2 login

Thu May 4 00:39:39 CEST 2017

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16892

--- Comment #35 from M. Tompsett <mtompset at hotmail.com> ---
ARG! I really hate them constantly changing the interface. It makes it so much
harder to help people set up.

First you need to confirm the Google OAuth works normally:

Go to https://console.developers.google.com/project
Log in
Click '+ Create Project'
Type in a project name and click 'CREATE'
-- the notification bell will highlight
Select the creation notification with the project just created
Click 'Go to APIs overview'
Click 'Credentials' in the left panel
Click the 'Create credentials' drop-down button
Click 'OAuth client ID'
Click 'Configure consent screen'
Put it a meaningful string into the Product Name (e.g. South Pole Library
Authentication)
Fill in the other fields as desired (or not)
Click 'Save'
Click the 'Web application' radio button
Change the 'AUTHORIZED JAVASCRIPT ORIGINS' to your OPACBaseURL.
        (http://localhost:8080)
Change the 'AUTHORIZED REDIRECT URIS' to point to the new
        googleoauth2 script
        (http://localhost:8080/cgi-bin/koha/svc/auth/googleopenidconnect)
Click 'Create'
Copy and paste the 'Client ID' into the GoogleOAuth2ClientID system preference.
Copy and paste the 'client secret' into the GoogleOAuth2ClientSecret system
preference.
Change the GoogleOpenIDConnect system preference to 'Use'.
Click 'Save all Administration preferences'
Click 'OK' to dismiss the client ID and client secret dialogue.
In the OPAC, click 'Log in to your account'.
        -- You should get a confirmation request, if you are
            already logged in, OR a login screen if you are not.
        -- You need to have the primary email address set to one
           authenticated by Google in order to log in.
        -- OPACBaseURL system preference needs to be set as well.

This confirms you have the Google Authentication set up.

Make sure your google email is not associated with an account now, or you have
a second account to test with that has no patron matching.

Apply the patch

Upgrade the database

Make sure you set the three new system preferences:
GoogleOpenIDConnectAutoRegister - Allow
GoogleOpenIDConnectDefaultBranch - Any valid existing branchcode.
GoogleOpenIDConnectDefaultCategory - Any valid existing patron category.

Attempt to log in with a Google account not associated with a Koha account.
-- should succeed
Searching for patron in Staff client should show they are that branch and
category.

Run koha qa test tools.

-- 
You are receiving this mail because:
You are watching all bug changes.